-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BUD-07 Paid storage #29
Open
quentintaranpino
wants to merge
14
commits into
hzrd149:master
Choose a base branch
from
quentintaranpino:BUD07-paid-storage
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
BUD-07 Paid storage #29
quentintaranpino
wants to merge
14
commits into
hzrd149:master
from
quentintaranpino:BUD07-paid-storage
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hzrd149
requested changes
Sep 11, 2024
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great, a few formatting fixes and one comment. but I really like how simple this is
Co-authored-by: hzrd149 <[email protected]>
Co-authored-by: hzrd149 <[email protected]>
Co-authored-by: hzrd149 <[email protected]>
Co-authored-by: hzrd149 <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request introduces BUD-07, which outlines how servers can require and handle payments for blob storage. This specification allows servers to inform clients if a payment is needed for uploading or accessing a blob, either by rejecting the request upfront or by requiring payment after the upload is completed.
Readable version here
Key Features of BUD-07:
This specification introduces payment requirements for blob storage, allowing servers to manage payments both before and after an upload. When payment is required, the server uses the
Www-Authenticate
header and the L402 protocol standard to return a 402 Payment Required status code, along with payment details such as macaroon and invoice.This mechanism ensures that clients are informed if payment is necessary before an upload or access attempt, or even after an upload is completed.
These endpoints MUST return a 402 Payment Required status code and a
Www-Authenticate
header when the payment is required.Authenticate header
The
Www-Authenticate
header is a standard HTTP header field that defines the authentication method that should be used to gain access to a resource. It is used by the server to challenge the client to authenticate itself. Using the L402 protocol, theWww-Authenticate
header can be used to request payment for specific blobs.The
Www-Authenticate
header contains themacaroon
andinvoice
fields for servers and themacaroon
andpreimage
fields for clients.macaroon
A base64 encoded string containing the macaroon, see L402 macaroons.invoice
A string containing LN the payment request.preimage
A string containing the payment preimage.Client-Side Handling: For clients that do understand the 'Www-Authenticate' header, they can display the invoice and facilitate payment directly, ensuring a seamless upload process once payment is completed using L402 standard.
Server-Side Handling: Thanks to the L402 protocol, the server can directly validate the client's payment within the request by using the preimage of the Lightning invoice, ensuring that the payment has been made before processing the blob storage or access without relying on a Lightning node or third-party services.
Backward Compatibility: For clients that do not support or interpret the
Www-Authenticate
header, the server will still return the appropriate402 Payment Required
status code. However, to maintain compatibility and user experience, the server will allow uploads to proceed but will display a payment request (QR code, text string, JSON, etc.) when the client tries to access the uploaded content. This ensures smooth interaction with not compatible clients, while enabling the server to enforce payment for storage or access.Example
Here is an example of a QR code generated by nostrcheck-server for the
url
field as long as a payment has not been made: